fc27393a96
* added sha1 and bcrypt submodules * added bcrypt and sha to src build process * added test sha1 and bcrypt code to validate working * bcrypt auth migration in PHP land * added include path * add sha source * added bcrypt to others * put link_dir ahead of add_executable * fixed typo * try add_library instead * absolute path * absolute path * build bcrypt as static * move to wrapper * move to fork * logs tweak * added lib-ssl/dev for JWT signing * Moved to openSSL SHA1, initial JWT plugin * removed vog * fixed SHA1 algo * typo * use php-jwt, use proper way to add PHP modules, via composer * fixed module path * first attempt to fix cast error * own fork * own fork * add composer vendor directory * go back to jwt-cpp as PR merged * moved to jwt-cpp after PR merge * New token= query for JWT * Add JWT token creation, move old code to a different function for future deprecation, simplified code for ZM_XX parameter reading * JWT integration, validate JWT token via validateToken * added token validation to zms/zmu/zmuser * add token to command line for zmu * move decode inside try/catch * exception handling for try/catch * fix db read, forgot to exec query * remove allowing auth_hash_ip for token * support refresh tokens as well for increased security * remove auth_hash_ip * Error out if used did not create an AUTH_HASH_SECRET * fixed type conversion * make sure refresh token login doesn't generate another refresh token * fix absolute path * move JWT/Bcrypt inside zm_crypt * move sha headers out * move out sha header * handle case when supplied password is hashed, fix wrong params in AppController * initial baby step for api tab * initial plumbing to introduce token expiry and API bans per user * remove M typo * display user table in api * added revoke all tokens code, removed test code * use strtoul for conversion * use strtoul for conversion * use strtoul for conversion * more fixes * more fixes * add mintokenexpiry to DB seek * typo * add ability to revoke tokens and enable/disable APIs per user * moved API enable back to system * comma * enable API options only if API enabled * move user creation to bcrypt * added password_compat for PHP >=5.3 <5.5 * add Password back so User object indexes don't change * move token index after adding password * demote logs * make old API auth optional, on by default * make old API auth mechanism optional * removed stale code * forgot to checkin update file * bulk overlay hash mysql encoded passwords * add back ssl_dev, got deleted * fix update script * added token support to index.php * reworked API document for new changes in 2.0 * Migrate from libdigest to crypt-eks-blowfish due to notice * merge typo * css classess for text that disappear * fixed html typo * added deps to ubuntu control files * spaces * removed extra line * when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist * add libssl1.0.0 for ubuntu 16/12 * small API fixes * clean up of API, remove redundant sections * moved to ZM fork for bcrypt * whitespace and google code style * regenerate auth hash if doing password migration * dont need AUTH HASH LOGIN to be on * Add auth hash verification to the user logged in already case * fix missing ] * reject requests if per user API disabled |
||
---|---|---|
.. | ||
conf/apache2 | ||
examples | ||
patches | ||
source | ||
NEWS | ||
README.Debian | ||
TODO.Debian | ||
changelog | ||
clean | ||
compat | ||
control | ||
copyright | ||
gbp.conf | ||
libzoneminder-perl.install | ||
rules | ||
zoneminder-doc.doc-base | ||
zoneminder-doc.install | ||
zoneminder-doc.links | ||
zoneminder.apache2 | ||
zoneminder.bug-presubj | ||
zoneminder.dirs | ||
zoneminder.docs | ||
zoneminder.examples | ||
zoneminder.install | ||
zoneminder.links | ||
zoneminder.linktrees | ||
zoneminder.lintian-overrides | ||
zoneminder.logrotate | ||
zoneminder.maintscript | ||
zoneminder.manpages | ||
zoneminder.postinst | ||
zoneminder.postrm | ||
zoneminder.preinst | ||
zoneminder.service | ||
zoneminder.tmpfile |
README.Debian
Zoneminder for Debian --------------------- Initializing database --------------------- pv /usr/share/zoneminder/db/zm_create.sql | sudo mysql --defaults-file=/etc/mysql/debian.cnf OR cat /usr/share/zoneminder/db/zm_create.sql | sudo mysql --defaults-file=/etc/mysql/debian.cnf echo 'grant lock tables,alter,create,index,select,insert,update,delete on zm.* to 'zmuser'@localhost identified by "zmpass";'\ | sudo mysql --defaults-file=/etc/mysql/debian.cnf mysql Hint: generate secure password with `pwgen` and update "/etc/zm/zm.conf" accordingly. The following command can help to ensure that zoneminder can read its configuration file: chgrp -c www-data /etc/zm/zm.conf Upgrading database ------------------ The database is updated automatically on installation. You should not need to take this step. Assuming that database is on "localhost" then the following command can be used to upgrade "zm" database: zmupdate.pl Additional permissions may be required to perform upgrade: echo 'grant lock tables, create, alter on zm.* to 'zmuser'@localhost identified by "zmpass";'\ | sudo mysql --defaults-file=/etc/mysql/debian.cnf mysql The following command prints the current version of zoneminder database: echo 'select Value from Config where Name = "ZM_DYN_CURR_VERSION";' \ | sudo mysql --defaults-file=/etc/mysql/debian.cnf --skip-column-names zm Enabling service ---------------- By default Zoneminder service is not automatically started and needs to be manually enabled once database is configured: sudo systemctl enable zoneminder.service Web server set-up ----------------- There are few manual steps to get the web interface working: ## Apache2 Apache can be configured as folder "/zm" using sample .conf: sudo a2enconf zoneminder Alternatively Apache web site configuration template can be used to setup zoneminder as "http://zoneminder": sudo cp -v /usr/share/doc/zoneminder/examples/apache.conf /etc/apache2/sites-available/ sudo a2ensite zoneminder.conf Common configuration steps for Apache2: sudo a2enmod cgi sudo service apache2 reload ## nginx / fcgiwrap Nginx needs "php-fpm" package to support PHP and "fcgiwrap" package for binary "cgi-bin" applications: sudo apt-get install php-fpm fcgiwrap To enable a URL alias that makes Zoneminder available from http://yourserver/zm the following line is to be added to "server" section of a web site configuration: include /usr/share/doc/zoneminder/examples/nginx.conf; For "default" web site it would be sufficient to include the above statement to the file /etc/nginx/sites-enabled/default To avoid problems with feeds from multiple cameras "fcgiwrap" should be configured to start at least as many processes as there are cameras. It can be done by adjusting DAEMON_OPTS in "/etc/default/fcgiwrap". Systemd users may be affected by the following bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792705 ## Note: When Zoneminder web site is running it may be necessary to set Options/Paths/PATH_ZMS to "/zm/cgi-bin/nph-zms" or according to chosen web site configuration. Changing the location for images and events ------------------------------------------- ZoneMinder is now able to be configured to use an alternative location for storing events and images at compile time. This package makes use of that, so symlinks in /usr/share/zoneminder/www are no longer necessary. Access to /dev/video* --------------------- For cameras which require access to /dev/video*, zoneminder may need the www-data user added to the video group in order to see those cameras: adduser www-data video Note that all web applications running on the zoneminder server will then have access to all video devices on the system. -- Vagrant Cascadian <vagrant@debian.org> Sun, 27 Mar 2011 13:06:56 -0700